978-1305507272 Case 17 2

Unlock access to all the studying documents.

View Full Document

Case 17-2

Is Your Personal Data Private? Is It Safe?

Whenever you use a credit or debit card to buy something—online, in a store, by mail, or over the

phone—your purchase is recorded and stored in the retailer’s database (as well as in the bank’s database).

Analyzing your purchasing patterns helps the companies develop more appropriate offers and more

targeted communications. A growing number of consumers worry, however, that the names and numbers

in these databases might be stolen electronically or through the theft of laptops or data. That is exactly

what happened when hackers broke into the computer network of the parent company of retailer TJ Maxx

and stole more than 45 million credit and debit card numbers. Because of that theft, millions of consumers

had their banks cancel those cards and issue new cards.

Each year, millions of U.S. consumers fall victim to identity theft, having credit card numbers or

other details stolen and used to make fraudulent purchases. The government estimates that $50 billion

worth of goods, services, and funds is stolen annually through identity theft. With so much data being

gathered and stored by so many companies and government agencies, security is an important concern.

Sometimes consumers are hoodwinked into revealing information in response to e-mails, letters, or phone

calls that appear to be legitimate but are not.

Even when you are just clicking around the Internet, some sites are collecting personal information

about you, and you may not even know it. Many websites place cookies—small data files—on your

computer’s hard drive to track your movement around each site and to determine which pages and items

you looked at, how long you lingered, and which links you clicked on. The benefit gained from this

tracking is that sites can customize your online experience by knowing what items you have searched for

or looked at. At the same time, your online behavior may be tracked by software that can determine which

ads you will see based on the sites you have visited. This situation worries privacy advocates, who want

firms to clearly disclose exactly what they are tracking and why and to get the consumer’s permission

before tracking. The Center for Digital Democracy and other groups have been pushing for a federal “do

not track” list—similar to the “do not call” list—so that consumers can opt out of online tracking.

Although many sites post privacy policies to explain their data collection practices, consumers may

not always notice these policies or understand what the data is being used for. Google

[http://bi.galegroup.com/essentials/company/927326?u=tlearn_trl], for example, has addressed such

concerns by changing its policy to hold information about searches conducted by consumers for 18

months and then to delete those searches. Consumers can also view their stored Google search data, edit

out personal details, and have all search data erased, if they choose.

However, sometimes companies take actions that seem inconsistent with their privacy policies. For

instance, the pharmaceutical firm Eli Lilly

[http://bi.galegroup.com/essentials/company/305219?u=tlearn_trl] violated its privacy policy by

inadvertently revealing the names of people who had signed up to receive information from its

Prozac.com website. In response, the Federal Trade Commission ordered Eli Lilly to set up a system to

protect customer data for the next 20 years and to report every year on its security processes.

The social networking site Facebook

[http://bi.galegroup.com/essentials/company/1360265?u=tlearn_trl], has also had problems with privacy.

Not long ago, it launched an advertising feature in which a user’s actions (such as scoring high on an

online game or buying a movie ticket) popped up on the user’s page and on the merchant’s site. After an

outcry from users and privacy advocates, Facebook changed the feature so that such actions would only

be visible when users specifically allowed them to be posted.

Case Questions

1. What would you recommend that TJ Maxx do to reassure shoppers that their credit and debit card

data will be safe in the future?

2. From a marketer’s perspective, what are the pros and cons of complying with a “do not track” list that

would prevent you from collecting online behavioral data about the consumers who are listed?

3. If you were on the marketing staff of Facebook, how would you address the concerns expressed by

privacy advocates?